------ Original Message ------
From: "Henry Story" <henry.story@bblfish.net>
>
>So your argument is stronger, since you argue that a lot of computers are malware
>infested. Of course there the thing to do is for banks to add other methods of
>verification or notification,
>
you're right on this count. One of my banks used to rely just on
SSL/TLS.
Now I have to carry a watch-word around... in fact 3 of them for my 3
banks.
Are you suggesting websites should all start issuing physical security
devices so that people can enjoy their site with REAL security
or are you happy with the illusion.
Maybe a better metaphor would have been the Matrix.
We're not looking for blue pills here.
>>
>>
>>We'll just lower the overall security by applying the same security
>>enforcement to all sites. Connecting to your bank or to you WiFi
>>router's admin page will look equally safe.
>>
>
>
>Ah it is the "look" of security that is worrying you? Going to a bank should
>"look" more secure that your router's admin page? But your router admin page
>should be just as secure as the bank if possible, since that is another vector
>of attack.
>
he meant the opposite. We're not interested in something masquerading
as security. If we're going to place the cost on the world, it needs
to provide actual security.
>>
>>I don't think this is the
>>intent of this move, really.
>>
>>Willy
>>
>>
>
>
>Social Web Architect
>http://bblfish.net/
>
>
>
>